Those are usually indicative of WebDAV, so you could try a WebDAV client. You'll sometimes find that a OPTIONS / HTTP/1.0 will show a lot of methods like that, but you'll get a 501 Not Implemented when you try to use them. WebDAV may also require authentication. Just google HTTP <method> to see the syntax for using them manually through netcat or something.

PUT method can be used to upload a file to the server only if the directory is writable. If the user, with which the website is run, doesn't have write privileges on a directory, you won't be able to upload to that directory., even if PUT verb is allowed.

How do you find if a website allows PUT verb?nc -v <domain or I.P> <webserver port>OPTIONS / HTTP/1.0

How do you know if a directory is writable?You can follow a brute-force approach and try every directory.You can enumerate the directories used to store user ulploads like images, attachments etc and then try PUT method on each one of these.

I just read an article which might solve your problem. I didn't understand how to take elements from this article and word it exactly for your problem, so I'm just linking it here (Being just a college student, I've my limitations ). http://blogs.msdn.com/b/david.wang/arch ... ssion.aspx

Last edited by Xen on Thu Aug 19, 2010 10:34 am, edited 1 time in total.